[cryptography] Crypto Fiddling?
Felix.Wyss at inin.com
Fri Mar 30 21:44:59 EDT 2012
Do you have a reference discussing why the EAX' changes destroyed the security properties of EAX? From a cursory reading I found the "optimizations" to be of rather dubious value (in particular the masking to limit inter-word carry) but nothing jumped out at me screaming "fail!"
> -----Original Message-----
> From: cryptography-bounces at randombit.net [mailto:cryptography-
> bounces at randombit.net] On Behalf Of Jeffrey Walton
> Sent: Friday, March 30, 2012 20:14
> To: Randombit List
> Subject: [cryptography] Crypto Fiddling?
> Hi Guys,
> I'm aware of two standards where folks fiddled with a scheme and destroyed
> its security properties:
> * A5/3 based on Kasumi used in GSM networks
> * EAX' (EAX Prime) based on EAX mode
> Are there any other spectacular failures that come to mind?
> cryptography mailing list
> cryptography at randombit.net
More information about the cryptography